dezhemini (aka dʒɛmɪni) security announcement

Remco me at rwv.io

Thu May 13 06:46:27 BST 2021

- - - - - - - - - - - - - - - - - - - 

A couple of days ago I found and fixed a path traversal issue in the dezhemini (aka dʒɛmɪni) gemini server software. A specially crafted URL will allow an attacker to read arbitrary files from the host filesystem.

The issue is fixed in commit 2dba1ee1c875b07ca2e04f8bf2d03bfc5b2afc5f. All versions prior to this commit are vulnerable to this type of intrusion.

Please upgrade as soon as possible.